import {
  Controller,
  Get,
  Post,
  Body,
  Param,
  Delete,
  Put,
  UseGuards,
  Request,
  HttpCode,
  ForbiddenException,
} from '@nestjs/common';
import { WorkspaceMemberService } from './workspace-member.service';
import { CreateWorkspaceMemberDto } from './dto/create-workspace-member.dto';
import { UpdateWorkspaceMemberDto } from './dto/update-workspace-member.dto';
import {
  ApiBearerAuth,
  ApiOperation,
  ApiParam,
  ApiResponse,
  ApiTags,
} from '@nestjs/swagger';
import { JwtAuthGuard } from '../../guards/jwt-auth.guard';
import { RolesGuard } from '../../guards/roles.guard';
import { PermissionsGuard } from '../../guards/permissions.guard';
import { Roles } from '../../decorators/roles.decorator';
import { Permissions } from '../../decorators/permissions.decorator';
import { WorkspaceMemberResponseDto } from './dto/workspace-member-response.dto';
import { WorkspaceMemberRole } from '../../types/enums';

@Controller('workspaces/:workspaceId/members')
@ApiTags('工作区成员管理')
@ApiBearerAuth()
@UseGuards(JwtAuthGuard, RolesGuard, PermissionsGuard)
export class WorkspaceMemberController {
  constructor(private readonly workspaceMemberService: WorkspaceMemberService) {}

  @Post()
  @Permissions('workspace:member:add')
  @ApiOperation({ summary: '添加工作区成员' })
  @ApiParam({ name: 'workspaceId', description: '工作区ID' })
  @ApiResponse({
    status: 201,
    description: '成员添加成功',
    type: WorkspaceMemberResponseDto,
  })
  async create(
    @Param('workspaceId') workspaceId: string,
    @Body() createWorkspaceMemberDto: CreateWorkspaceMemberDto,
    @Request() req,
  ) {
    // 只有管理员或工作区创建者可以添加成员
    const memberRole = await this.workspaceMemberService.getWorkspaceMemberRole(workspaceId, req.user.id);
    
    if (!memberRole || 
        (memberRole !== WorkspaceMemberRole.ADMIN && 
         memberRole !== WorkspaceMemberRole.OWNER)) {
      throw new ForbiddenException('您没有权限添加工作区成员');
    }

    return this.workspaceMemberService.create(workspaceId, createWorkspaceMemberDto);
  }

  @Get()
  @Permissions('workspace:member:view')
  @ApiOperation({ summary: '获取工作区所有成员' })
  @ApiParam({ name: 'workspaceId', description: '工作区ID' })
  @ApiResponse({
    status: 200,
    description: '返回工作区所有成员',
    type: [WorkspaceMemberResponseDto],
  })
  async findAll(
    @Param('workspaceId') workspaceId: string,
    @Request() req,
  ) {
    // 检查是否是工作区成员
    const isMember = await this.workspaceMemberService.isWorkspaceMember(workspaceId, req.user.id);
    
    if (!isMember) {
      throw new ForbiddenException('您不是该工作区的成员');
    }

    return this.workspaceMemberService.findAll(workspaceId);
  }

  @Get(':id')
  @Permissions('workspace:member:view')
  @ApiOperation({ summary: '获取工作区成员详情' })
  @ApiParam({ name: 'workspaceId', description: '工作区ID' })
  @ApiParam({ name: 'id', description: '成员ID' })
  @ApiResponse({
    status: 200,
    description: '返回成员详情',
    type: WorkspaceMemberResponseDto,
  })
  @ApiResponse({ status: 404, description: '成员不存在' })
  async findOne(
    @Param('workspaceId') workspaceId: string,
    @Param('id') id: string,
    @Request() req,
  ) {
    // 检查是否是工作区成员
    const isMember = await this.workspaceMemberService.isWorkspaceMember(workspaceId, req.user.id);
    
    if (!isMember) {
      throw new ForbiddenException('您不是该工作区的成员');
    }

    return this.workspaceMemberService.findOne(workspaceId, id);
  }

  @Put(':id')
  @Permissions('workspace:member:edit')
  @ApiOperation({ summary: '更新工作区成员' })
  @ApiParam({ name: 'workspaceId', description: '工作区ID' })
  @ApiParam({ name: 'id', description: '成员ID' })
  @ApiResponse({
    status: 200,
    description: '成员更新成功',
    type: WorkspaceMemberResponseDto,
  })
  @ApiResponse({ status: 404, description: '成员不存在' })
  async update(
    @Param('workspaceId') workspaceId: string,
    @Param('id') id: string,
    @Body() updateWorkspaceMemberDto: UpdateWorkspaceMemberDto,
    @Request() req,
  ) {
    // 只有管理员或工作区创建者可以更新成员
    const memberRole = await this.workspaceMemberService.getWorkspaceMemberRole(workspaceId, req.user.id);
    
    if (!memberRole || 
        (memberRole !== WorkspaceMemberRole.ADMIN && 
         memberRole !== WorkspaceMemberRole.OWNER)) {
      throw new ForbiddenException('您没有权限更新工作区成员');
    }

    return this.workspaceMemberService.update(workspaceId, id, updateWorkspaceMemberDto);
  }

  @Delete(':id')
  @Permissions('workspace:member:remove')
  @HttpCode(204)
  @ApiOperation({ summary: '移除工作区成员' })
  @ApiParam({ name: 'workspaceId', description: '工作区ID' })
  @ApiParam({ name: 'id', description: '成员ID' })
  @ApiResponse({ status: 204, description: '成员移除成功' })
  @ApiResponse({ status: 404, description: '成员不存在' })
  async remove(
    @Param('workspaceId') workspaceId: string,
    @Param('id') id: string,
    @Request() req,
  ) {
    // 只有管理员或工作区创建者可以移除成员
    const memberRole = await this.workspaceMemberService.getWorkspaceMemberRole(workspaceId, req.user.id);
    
    if (!memberRole || 
        (memberRole !== WorkspaceMemberRole.ADMIN && 
         memberRole !== WorkspaceMemberRole.OWNER)) {
      throw new ForbiddenException('您没有权限移除工作区成员');
    }

    await this.workspaceMemberService.remove(workspaceId, id);
    return { message: '成员移除成功' };
  }
} 